Setting up usage of this library, one of my security helpers pinged that the library encourages the use of sprintf-style formatting for SOQL query construction. Is that secure? Does Salesforce provide something like prepared statements? Does this library have a way to do query construction in a safer way than just escape-and-hope?
SOQL does not have the ability to perform DML against the database. This means that records cannot be modified via SOQL. This should take the majority of the risk out of injection attacks. Really, the only risk would be that someone is able to query some extra fields on a record.
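As an added illustration of the question raised in this thread (not code from this library or from Salesforce), the sketch below contrasts sprintf-style interpolation with a typed placeholder formatter that escapes string values using SOQL's backslash escape sequences. The names `soql_quote`, `soql_value`, `soql_format` and `outside_literals` are hypothetical, and the sample input is constructed.

```python
# Added example: all helper names here are hypothetical, not part of any library.
_ESCAPES = {"\\": "\\\\", "'": "\\'", '"': '\\"', "\n": "\\n", "\r": "\\r", "\t": "\\t"}
_LIKE_ESCAPES = {"%": "\\%", "_": "\\_"}   # wildcards, only special inside LIKE

def soql_quote(value, like=False):
    """Render a str as a quoted SOQL string literal, escaping char by char."""
    if not isinstance(value, str):
        raise TypeError("expected str")
    table = {**_ESCAPES, **(_LIKE_ESCAPES if like else {})}
    return "'" + "".join(table.get(ch, ch) for ch in value) + "'"

def soql_value(value):
    """Render one value by type; anything unrecognised is rejected."""
    if value is None:
        return "null"
    if isinstance(value, bool):            # bool before int: bool subclasses int
        return "true" if value else "false"
    if isinstance(value, int):
        return str(value)
    if isinstance(value, str):
        return soql_quote(value)
    raise TypeError("unsupported SOQL value type: %r" % type(value))

def soql_format(template, *values):
    """Fill each '?' in a developer-written template with an escaped value."""
    parts = template.split("?")
    if len(parts) - 1 != len(values):
        raise ValueError("placeholder count does not match value count")
    out = [parts[0]]
    for value, rest in zip(values, parts[1:]):
        out += [soql_value(value), rest]
    return "".join(out)

def outside_literals(query):
    """Return the query text that is not inside a string literal."""
    out, in_str, i = [], False, 0
    while i < len(query):
        ch = query[i]
        if in_str and ch == "\\":
            i += 2                          # skip the escaped character
            continue
        if ch == "'":
            in_str = not in_str
        elif not in_str:
            out.append(ch)
        i += 1
    return "".join(out)

# Constructed input: a value containing a quote followed by condition text.
name = "x' OR LastName != '"
unsafe = "SELECT Id FROM Contact WHERE LastName = '%s'" % name
safe = soql_format("SELECT Id FROM Contact WHERE LastName = ?", name)
```

Comparing `outside_literals(unsafe)` with `outside_literals(safe)` shows whether user-supplied text ended up as query structure or stayed inside the literal; field and object names cannot be escaped this way and should come from an allowlist.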